I do:
openssl s_client -connect website.com:443 -tls1_1
And get:
CONNECTED(00000003)
140120601777808:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1315:SSL alert number 40
140120601777808:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:637:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1495200033
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
I also get something like this when testing TLS 1.0.
However, testing TLS 1.2 is successful
The website config (nginx) includes this:
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name website.com www.website.com;
root /var/www/public/website.com;
error_log /var/www/nginx.error.log;
ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /etc/nginx/dhparam.pem;
# modern configuration. tweak to your needs.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers '*EDITED*;
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/website.com/fullchain.pem;
resolver 8.8.8.8 8.8.4.4;
[...]
Have no idea what's going on! Any suggestions?
Thanks!
While according to the protocols TLS 1.0 .. 1.2 are supported by the server the problem might be the set of ciphers which is unfortunately not shown in detail. There are a few ciphers which are defined new with TLS 1.2 and which can only used with TLS 1.2, notably all ciphers using SHA-256 or SHA-384 as HMAC. If only these ciphers are accepted by the server then this implicitly means that only TLS 1.2 protocol is accepted.
For example the modern profile as currently shown by the Mozilla SSL config generator only includes ciphers available with TLS 1.2 or later and can thus not be used together with older TLS protocol versions.
Maybe you forget to install
mod_ssl
? I've googled a lot, but didn't find solution. So, after I installedmod_ssl
all works as it should.Or (for Centos 8)